76b39325d57a312b00bab5d139791cb41b84926699cf705d99f90911ec8ac546 | Triage

Sharing

General

Target

e13397191d23d065ebbdc1462f160482
Size

168KB
Sample

240327-j47mbagb29
MD5

e13397191d23d065ebbdc1462f160482
SHA1

614ae7b6d61c73ac53dc9b2f2b092bfdbb3d89a6
SHA256

76b39325d57a312b00bab5d139791cb41b84926699cf705d99f90911ec8ac546
SHA512

be6b21c7c3f0677a3b16f5d6391e290a8e6c6351cf57536a4050fbbd8e623db806e0606838a0ae5e258a5b70924a1221ea947d5aa3e0e6b0206de9528e677cbe
SSDEEP

3072:0h9apB653YItHDhppc1fxEcyGHS0OXDyiLSqALc8:0h9apB65BKTnyXnGt

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  e13397191d23d065ebbdc1462f160482
- Size
  
  168KB
- MD5
  
  e13397191d23d065ebbdc1462f160482
- SHA1
  
  614ae7b6d61c73ac53dc9b2f2b092bfdbb3d89a6
- SHA256
  
  76b39325d57a312b00bab5d139791cb41b84926699cf705d99f90911ec8ac546
- SHA512
  
  be6b21c7c3f0677a3b16f5d6391e290a8e6c6351cf57536a4050fbbd8e623db806e0606838a0ae5e258a5b70924a1221ea947d5aa3e0e6b0206de9528e677cbe
- SSDEEP
  
  3072:0h9apB653YItHDhppc1fxEcyGHS0OXDyiLSqALc8:0h9apB65BKTnyXnGt
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2